Hello, I've been trying to figure out different ways to detect "BloodHound", which is an enumeration tool used for Active Directory. Is it possible for Wireshark to send alerts for a certain number of packets within a certain amount of time?
Originally I was thinking of using Python to code it myself since I couldn't find anything about it online.
Thank you in advance!
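
The "N packets within T seconds" idea from the question, as an added example that is not part of the original post: a per-source sliding-window counter in Python that raises one alert per burst. The function name, threshold, window, cooldown and sample traffic are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque


def detect_bursts(packets, threshold, window, cooldown=None):
    """Flag sources that send >= threshold packets within `window` seconds.

    packets: iterable of (timestamp_seconds, src_ip), sorted by timestamp.
    Returns a list of (alert_time, src_ip, packets_in_window).
    """
    if cooldown is None:
        cooldown = window          # suppress repeat alerts for one burst
    recent = defaultdict(deque)    # src_ip -> timestamps still inside the window
    last_alert = {}                # src_ip -> time of the last alert raised
    alerts = []
    for ts, src in packets:
        q = recent[src]
        q.append(ts)
        # Keep only timestamps in the half-open window (ts - window, ts].
        while q and q[0] <= ts - window:
            q.popleft()
        if len(q) >= threshold:
            prev = last_alert.get(src)
            if prev is None or ts - prev >= cooldown:
                alerts.append((ts, src, len(q)))
                last_alert[src] = ts
    return alerts


def sample_capture():
    """Constructed sample traffic (not from a real capture)."""
    # A workstation sending one packet every 5 seconds for a minute.
    quiet = [(t * 5.0, "10.0.0.20") for t in range(12)]
    # A host sending 40 packets in about 4 seconds, starting at t = 30 s.
    burst = [(30.0 + i / 10, "10.0.0.99") for i in range(40)]
    return sorted(quiet + burst)


# Assumed tuning values: 25 packets within 10 seconds from a single source.
ALERTS = detect_bursts(sample_capture(), threshold=25, window=10.0)

if __name__ == "__main__":
    for when, src, count in ALERTS:
        print(f"t={when:.1f}s  {src} sent {count} packets within 10 s")
```

The input can be any capture export reduced to timestamp and source address; the threshold has to be tuned against normal traffic for the network segment being watched.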